Received: by 2002:a4a:311b:0:0:0:0:0 with SMTP id k27-v6csp3659438ooa; Mon, 13 Aug 2018 15:54:05 -0700 (PDT) X-Google-Smtp-Source: AA+uWPymB/DGHs99PlcPPqUH4MufL20kv3ZNhU7n3wOS6xIpbpsu8JTs9c7Q9Z3imdIMrYLTNOxS X-Received: by 2002:a17:902:9693:: with SMTP id n19-v6mr17967276plp.282.1534200845060; Mon, 13 Aug 2018 15:54:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1534200845; cv=none; d=google.com; s=arc-20160816; b=igedlNz7D+QhBZtUKSKbwQlO4jLQkZ2e9Xd+UDeN99SBTo1z7jwVBUcq+clIKC65RV MLY89yRLkJT9GrmIX/K5Tabr2W6DjR0j7Mdji8aEws+JZBp98cGF/AFzzm8xHWwVltIR af01nxfwwp8hLS/W3JBUhcT3WnQ0V/6t3+S7Zjhsr4cU7P1IOT0FDh8ZbeH30mNydqzz gdOmiu4TadHvgiuO6uZ1UHQ7we5hTB4AyijfIkhy5Yq9g52kdSe/bOWMW0TeaE6kCxKd 4bEHuwYv5tOl3GOMNd/gmL2W9UHUJ5glg+VPs/AC3ePoLpmemaQp18e3HPrOGmomp1uW 2nvg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:message-id :subject:cc:to:from:date:arc-authentication-results; bh=dHlOA0NA6X0FhgJHqBrzh1wT85weo3fFsru0b6I92fE=; b=G53AxFBpf6/5N65Hxt83jHDhA5lClM+BiPxRuXdTcjkwxCUsGaNSK2LXlVu2wSE8Pu heTYSKSGH3yTgUZcMLKPjI3fpY3MMEJZCKOXDHZX/5OqS4m0rIf1hDobGt/4zBp3Dudy i+wiYhWtD/IPBj5F79GHDW3Ck86JYkAShT5qi5GmuaUwgOV1J2w1kSkcjfViNeA2kaaR HluaV2nm4WsWLAxmDjfJN/tv2PHVtHnBMXogitMJ9js/eC2ptZ42R1HsAETSTwmoKVrC P4b32RG0+0+6XqJ6mjtmAXvWnN+/kmQiy5OLvFl6YP7UvAd6LFSWb0rna8KjFlIIn0zH GEjA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 43-v6si18941191plc.496.2018.08.13.15.53.49; Mon, 13 Aug 2018 15:54:05 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731464AbeHNBgL (ORCPT + 99 others); Mon, 13 Aug 2018 21:36:11 -0400 Received: from namei.org ([65.99.196.166]:43056 "EHLO namei.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730203AbeHNBgL (ORCPT ); Mon, 13 Aug 2018 21:36:11 -0400 Received: from localhost (localhost [127.0.0.1]) by namei.org (8.14.4/8.14.4) with ESMTP id w7DMpqXU003050; Mon, 13 Aug 2018 22:51:52 GMT Date: Tue, 14 Aug 2018 08:51:52 +1000 (AEST) From: James Morris To: Linus Torvalds cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [GIT PULL] security subsystem: general update for v4.19 Message-ID: User-Agent: Alpine 2.21 (LRH 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Please pull these general updates for v4.19. Summary: - kstrdup() return value fix from Eric Biggers - Add new security_load_data hook to differentiate security checking of kernel-loaded binaries in the case of there being no associated file descriptor, from Mimi Zohar. - Add ability to IMA to specify a policy at build-time, rather than just via command line params or by loading a custom policy, from Mimi. - Allow IMA and LSMs to prevent sysfs firmware load fallback (e.g. if using signed firmware), from Mimi. - Allow IMA to deny loading of kexec kernel images, as they cannot be measured by IMA, from Mimi. I'll followup with updates for Smack and TPM once this is merged. --- The following changes since commit 7daf201d7fe8334e2d2364d4e8ed3394ec9af819: Linux 4.18-rc2 (2018-06-24 20:54:29 +0800) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next-general for you to fetch changes up to 87ea58433208d17295e200d56be5e2a4fe4ce7d6: security: check for kstrdup() failure in lsm_append() (2018-07-17 21:27:06 -0700) ---------------------------------------------------------------- Arnd Bergmann (1): security: export security_kernel_load_data function Eric Biggers (1): security: check for kstrdup() failure in lsm_append() James Morris (1): Merge tag 'v4.18-rc2' into next-general Mimi Zohar (8): security: define new LSM hook named security_kernel_load_data kexec: add call to LSM hook in original kexec_load syscall ima: based on policy require signed kexec kernel images firmware: add call to LSM hook before firmware sysfs fallback ima: based on policy require signed firmware (sysfs fallback) ima: add build time policy module: replace the existing LSM hook in init_module ima: based on policy warn about loading firmware (pre-allocated buffer) Paul Moore (1): MAINTAINERS: remove the outdated "LINUX SECURITY MODULE (LSM) FRAMEWORK" entry MAINTAINERS | 5 --- drivers/base/firmware_loader/fallback.c | 7 ++++ include/linux/ima.h | 7 ++++ include/linux/lsm_hooks.h | 6 +++ include/linux/security.h | 27 +++++++++++++ kernel/kexec.c | 8 ++++ kernel/module.c | 2 +- security/integrity/ima/Kconfig | 58 ++++++++++++++++++++++++++++ security/integrity/ima/ima.h | 1 + security/integrity/ima/ima_main.c | 68 ++++++++++++++++++++++++++------- security/integrity/ima/ima_policy.c | 48 +++++++++++++++++++++-- security/loadpin/loadpin.c | 6 +++ security/security.c | 13 +++++++ security/selinux/hooks.c | 15 ++++++++ 14 files changed, 248 insertions(+), 23 deletions(-)